예제 #1
0
    def getPubKey(self, bac_cp, mrz_value):
        """
        It uses method from pypassport.doc9303.bac in order to authenticate and establish the session keys

        @param bac_cp: A BAC for the authentication and establishment of session keys
        @type bac_cp: A pypassport.doc9303.bac.BAC() object
        @param mrz_value: A MRZ
        @type mrz_value: String value ("PPPPPPPPPPcCCCYYMMDDcSYYMMDDc<<<<<<<<<<<<<<cd")

        @return: The public key (DG15)
        """
        self.log("Reset conenction")
        self._iso7816.rstConnection()

        self.log("Generate the MRZ object")
        mrz_pass = mrz.MRZ(mrz_value)
        self.log("Check the MRZ")
        mrz_pass.checkMRZ()

        self.log("Authentication and establishment of session keys")
        (KSenc, KSmac, ssc) = bac_cp.authenticationAndEstablishmentOfSessionKeys(mrz_pass)
        self.log("Encryption key: {0}".format(binToHexRep(KSenc)))
        self.log("MAC key: {0}".format(binToHexRep(KSmac)))
        self.log("Send Sequence Counter: {0}".format(binToHexRep(ssc)))
        sm = SecureMessaging(KSenc, KSmac, ssc)
        self._iso7816.setCiphering(sm)

        dgReader = datagroup.DataGroupReaderFactory().create(self._iso7816)

        tag = converter.toTAG("DG15")
        dgFile = dgReader.readDG(tag)
        self.log("Get public key")
        dg15 = datagroup.DataGroupFactory().create(dgFile)
        self.log("Public key: {0}".format(binToHexRep(dg15.body)))
        return dg15.body
예제 #2
0
    def create(self, type, issuer, name, surname, nat, sex, passportID, birthDate, expiryDate):
        m = mrz.MRZ(None)
        forgedMRZ = m.buildMRZ(type, issuer, name, surname, nat, sex, passportID, self._convertDate(birthDate), self._convertDate(expiryDate))

        self._dgc.addDataObject("5F1F", forgedMRZ)

        return DataGroup1(self._dgc).parse()
예제 #3
0
    def setKseed(self, dg1):
        l2 = dg1["5F1F"][44:]
        b = bac.BAC(None)
        m = mrz.MRZ(l2)
        m.checkMRZ()
        kseed = binToHexRep(b.mrz_information(m))
        toSend = CommandAPDU("10", "A7", "00", "00", "18", kseed, "")
        self._iso7816.transmit(toSend, "Set KSeed")

        self.log("Kseed set")
예제 #4
0
    def __init__(self, reader, epMrz=None):
        """ 
        This object provide most of the functionnalities described in the EPassport document.
            - The basic acces control + secure messaging
            - The active authentication
            - The passive authentication
            - Reading of the various dataGroups
        
        @param reader: It can be a reader or a path to dumps
        @type reader: A reader object, then it will use the specified rfid reader. 
                      A string, then the simulator will read the dumps from the specified url.  
        
        @param mrz: An object representing the passport MRZ.
        @type mrz: An MRZ object 
        """
        logger.Logger.__init__(self, "EPassport")

        if epMrz:
            self._mrz = mrz.MRZ(epMrz)
            if self._mrz.checkMRZ() == False:
                raise EPassportException("Invalid MRZ")
        else:
            self._mrz = None

        self._iso7816 = iso7816.Iso7816(reader)
        self._iso7816.register(self._logFct)

        self._dgReader = datagroup.DataGroupReaderFactory().create(
            self._iso7816)
        self._dgReader.register(self._logFct)

        self._bac = bac.BAC(self._iso7816)
        self._bac.register(self._logFct)

        self._openSSL = openssl.OpenSSL()
        self._openSSL.register(self._logFct)

        self._aa = activeauthentication.ActiveAuthentication(
            self._iso7816, self._openSSL)
        self._aa.register(self._logFct)

        self._pa = passiveauthentication.PassiveAuthentication(self._openSSL)
        self._pa.register(self._logFct)

        self._CSCADirectory = None
        self._selectPassportApp()
예제 #5
0
 def performBAC(self):
     try:
         if self.mrz.buildMRZ():
             self.reset()
             self.init()
             basic_access_control = bac.BAC(self._iso7816)
             (
                 KSenc, KSmac, ssc
             ) = basic_access_control.authenticationAndEstablishmentOfSessionKeys(
                 mrz.MRZ(self.mrz.buildMRZ()))
             sm = securemessaging.SecureMessaging(KSenc, KSmac, ssc)
             self._iso7816.setCiphering(sm)
             self.writeToLog("CIPHERING SET:\n{0}".format(sm))
         else:
             tkMessageBox.showerror("Error: BAC",
                                    "You have to set the proper MRZ first")
     except Exception, msg:
         tkMessageBox.showerror("Error: BAC", str(msg))
예제 #6
0
 def genBACKeys(self):
     try:
         if self.mrz.buildMRZ():
             basic_access_control = bac.BAC(self._iso7816)
             mrz_to_send = mrz.MRZ(self.mrz.buildMRZ())
             mrz_to_send.checkMRZ()
             (Kenc, Kmac
              ) = basic_access_control.derivationOfDocumentBasicAccesKeys(
                  mrz_to_send)
             Kenc = binToHexRep(Kenc)
             Kmac = binToHexRep(Kmac)
             self.writeToLog(
                 "GENERATE THE BAC KEYS:\n  Kenc: {0}\n  Kmac: {1}".format(
                     Kenc, Kmac))
             self.field1Form.delete(0, END)
             self.field1Form.insert(0, Kenc)
             self.field2Form.delete(0, END)
             self.field2Form.insert(0, Kmac)
         else:
             tkMessageBox.showerror("Error: Generate BAC keys",
                                    "You have to set the proper MRZ first")
     except Exception, msg:
         tkMessageBox.showerror("Error: BAC", str(msg))
예제 #7
0
 def switchMRZ(self, newMRZ):
     currentMRZ = self._mrz
     self._mrz = mrz.MRZ(newMRZ)
     if self._mrz.checkMRZ() == False:
         raise EPassportException("Invalid MRZ")
     return str(currentMRZ)